Logjam mitigation for Wheezy?

To: debian-security@lists.debian.org
Subject: Logjam mitigation for Wheezy?
From: Dan Ritter <dsr@randomstring.org>
Date: Wed, 20 May 2015 12:47:35 -0400
Message-id: <[🔎] 20150520164735.GB24453@randomstring.org>
Mail-followup-to: debian-security@lists.debian.org

Is there any chance of getting Logjam ( https://weakdh.org/ )
mitigation for Wheezy packages?

In particular, Apache 2.2 does not have 
SSLOpenSSLConfCmd DHParameters
as a configurable option. It looks like that only shows up in
2.4, which is not in wheezy-backports.

Postfix is configurable as-is.

Dovecot 2.2.13 is available in wheezy-backports

OpenSSH 6.6 is available in wheezy-backports

HAProxy is available in wheezy-backports

So I guess this is a request for either a fix for Apache 2.2 or a
backport of 2.4 to wheezy.

Thanks,

-dsr-

Reply to:

Follow-Ups:
- Re: Logjam mitigation for Wheezy?
  - From: Michael Stone <mstone@debian.org>
- Re: Logjam mitigation for Wheezy?
  - From: Stefan Fritsch <sf@sfritsch.de>

Prev by Date: Re: [SECURITY] [DSA 3265-1] zendframework security update
Next by Date: Re: Logjam mitigation for Wheezy?
Previous by thread: Re: [SECURITY] [DSA 3265-1] zendframework security update
Next by thread: Re: Logjam mitigation for Wheezy?
Index(es):
- Date
- Thread